Author: jmm Date: 2011-11-09 07:20:08 +0000 (Wed, 09 Nov 2011) New Revision: 17574 Modified: data/CVE/list Log: - new mozilla issue - new pam-yubico issue (ITP) - tomcat6 fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-11-08 21:15:03 UTC (rev 17573) +++ data/CVE/list 2011-11-09 07:20:08 UTC (rev 17574) @@ -829,6 +829,7 @@ - ruby1.9.1 <not-affected> (Only affected trunk versions) CVE-2011-4120 RESERVED + - libpam-yubico <itp> (bug #612662) CVE-2011-4119 RESERVED CVE-2011-4118 @@ -2126,22 +2127,65 @@ RESERVED CVE-2011-3655 RESERVED + - xulrunner <not-affected> (Only affects Firefox >= 4) + - iceweasel 8.0-1 + [lenny] - iceweasel <not-affected> (Only affects Firefox >= 4) + [squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4) + - iceape <not-affected> (Only affects Firefox >= 4) CVE-2011-3654 RESERVED + - xulrunner <not-affected> (Only affects Firefox >= 4) + - iceweasel 8.0-1 + [lenny] - iceweasel <not-affected> (Only affects Firefox >= 4) + [squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4) + - iceape <not-affected> (Only affects Firefox >= 4) CVE-2011-3653 RESERVED + - iceweasel <not-affected> (MacOS X-specific) CVE-2011-3652 RESERVED + - xulrunner <not-affected> (Only affects Firefox >= 4) + - iceweasel 8.0-1 + [lenny] - iceweasel <not-affected> (Only affects Firefox >= 4) + [squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4) + - iceape <not-affected> (Only affects Firefox >= 4) CVE-2011-3651 RESERVED + - xulrunner <not-affected> (Only affects Firefox >= 4) + - iceweasel 8.0-1 + [lenny] - iceweasel <not-affected> (Only affects Firefox >= 4) + [squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4) + - iceape <not-affected> (Only affects Firefox >= 4) CVE-2011-3650 RESERVED + - icedove 3.1.15-1 + [lenny] - icedove <end-of-life> + - xulrunner <removed> + - iceweasel 8.0-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) + - iceape 2.0.14-9 + [lenny] - iceape <not-affected> (Only a stub package) CVE-2011-3649 RESERVED + - iceweasel <not-affected> (Windows-specific) CVE-2011-3648 RESERVED + - icedove 3.1.15-1 + [lenny] - icedove <end-of-life> + - xulrunner <removed> + - iceweasel 8.0-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) + - iceape 2.0.14-9 + [lenny] - iceape <not-affected> (Only a stub package) CVE-2011-3647 RESERVED + - icedove 3.1.15-1 + [lenny] - icedove <end-of-life> + - xulrunner <removed> + - iceweasel 7.0-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) + - iceape 2.0.14-9 + [lenny] - iceape <not-affected> (Only a stub package) CVE-2011-3646 [PMASA-2011-15] RESERVED - phpmyadmin 4:3.4.6-1 (unimportant) @@ -5351,7 +5395,7 @@ - qemu-kvm 0.14.1+dfsg-3 (bug #633669) - kvm <not-affected> (Vulnerable code not present) CVE-2011-2526 (Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before ...) - - tomcat6 <unfixed> (bug #634992) + - tomcat6 6.0.32-7 (bug #634992) - tomcat7 7.0.19-1 (bug #634992) - tomcat5.5 <removed> (bug #634992) CVE-2011-2525 @@ -9156,7 +9200,7 @@ NOTE: http://trac.webkit.org/changeset/74853 CVE-2011-1184 RESERVED - - tomcat6 <unfixed> + - tomcat6 6.0.32-7 - tomcat7 7.0.12 - tomcat5.5 <removed> CVE-2011-1183 (Apache Tomcat 7.0.11, when web.xml has no login configuration, does ...)